package com.jkj.http.interceptor;


import com.jkj.http.entity.Operator;
import com.jkj.utils.OperatorProvider;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 登录验证过滤器
 *
 * @author zhoujunwen
 */
@Component
public class LoginCheckedInterceptor implements HandlerInterceptor {
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		if (handler.getClass().isAssignableFrom(HandlerMethod.class)) {
			LoginChecked loginChecked = ((HandlerMethod) handler).getMethodAnnotation(LoginChecked.class);
			// 没有声明需要权限,或者声明不验证权限
			if (loginChecked == null)
				return true;
			if (loginChecked.ignore()) {
				return true;
			}
			Operator operator = OperatorProvider.getCurrent(request.getSession());
			if (operator == null) {
				response.sendRedirect("/account/login");
				return false;
			}
			return true;
		}
		return true;
	}
}
